[Freeipa-devel] [PATCHSET] Replica promotion patches

Martin Babinsky mbabinsk at redhat.com
Wed Oct 21 15:46:32 UTC 2015 

On 10/20/2015 07:24 PM, Simo Sorce wrote:
> On 20/10/15 06:32, Martin Babinsky wrote:
>> On 10/15/2015 08:14 PM, Simo Sorce wrote:
>>> On 15/10/15 11:39, Martin Basti wrote:
>>>> Without this patch the ipa-ca-install is broken in current master.
>>>> Unexpected error - see /var/log/ipareplica-ca-install.log for details:
>>>> AttributeError: Values instance has no attribute 'promote'
>>>
>>> Should be fixed with the attached patches.
>>>
>>>
>>>
>> NACK, in patch 551 you add a test for non-existent CLI option into main
>> method:
>>
>> @@ -198,10 +251,20 @@ def main():
>>       if os.geteuid() != 0:
>>           sys.exit("\nYou must be root to run this script.\n")
>>
>> -    if filename is not None:
>> -        install_replica(safe_options, options, filename)
>> -    else:
>> -        install_master(safe_options, options)
>> +    try:
>> +        if options.replica or filename is not None:
>> +            install_replica(safe_options, options, filename)
>> +        else:
>> +            install_master(safe_options, options)
>> +
>> +    finally:
>> +        # Clean up if we created custom credentials
>> +        created_ccache_file = getattr(options, 'created_ccache_file',
>> None)
>> +        if created_ccache_file is not None:
>> +            try:
>> +                os.unlink(created_ccache_file)
>> +            except OSError:
>> +                pass
>>
>> I guess you wanted to add '--replica' option to the CA installer but
>> since it was not added to option parser the installer explodes.
>>
>> # ipa-ca-install
>>
>> Your system may be partly configured.
>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>
>> Unexpected error - see /var/log/ipareplica-ca-install.log for details:
>> AttributeError: Values instance has no attribute 'replica'
>>
>
> The attached patch should address this problem now.
>
> Simo.
>

Thanks, the patch enables CA install on promoted replica.

I have one minor nitpick though:

When running ipa-ca-install on domain level 0 replica w/o replica file, 
the installer issues the following error:

# ipa-ca-install
Replica file None does not exist

I guess you should separately handle the case when no replica file is 
specified and issue a corresponding error message like "A replica file 
is required".

-- 
Martin^3 Babinsky

More information about the Freeipa-devel mailing list